Risk Assessment and Minimization Procedures – Role of Board
28 Jul 2022
Regulation 17 of SEBI (LODR) regulations provides directives to be followed by the Board of Directors of the Company. Starting from the composition of the Board to making all the compliances in time, the role of board has been clearly defined by the regulation. It must be noted that in addition to the regular roles and responsibilities of a director, regulation 17(9) states a very crucial and specific responsibility highlighting the role of boards towards risk assessment and implementing as well as monitoring appropriate risk management plans for the Company. The regulation exactly states:
“17(9)(a) – The listed entity shall lay down procedures to inform members of the board of directors about risk assessment and minimization procedures.”
“17(9)(b) – The board of directors shall be responsible for framing, implementing and monitoring the risk management plan for the listed entity.”
Risk assessment and risk management are key aspects of the corporate governance principles and code of conduct for any Company. Having proper plans and policies in place not only ensures that the Company is heading safely towards its goals, but also enables the Company to proactively manage the uncertainties that are likely to impact the business opportunities. Directors need to develop and continuously improve practices to establish a well-defined and effective oversight function. In accordance with Section 134(3) of the Companies Act, 2013, the Company is required to include a statement indicating development and implementation of risk management policy including identification of the risk elements, if any, which in the opinion of the Board may threaten the existence of the Company.
Role of the Board
- Boards play an extremely critical role in influencing management’s processes of implementing and monitoring risks. Board members need to have a good understanding of risk management, even when they lack expertise in that area. Boards may lean on the expertise of outside consultants to help them review company risk management systems and analyze business specific risks. As part of the annual review, boards should review risk oversight policies and procedures at the board and committee levels and assess risk on an ongoing basis. It’s helpful to familiarize the board with expectations within the industry or regulatory bodies that the organization operates in by arranging for a formal annual presentation on risk management best practices. The annual risk management review should include communication from management about lessons learned from past mistakes. While many companies are having well defined risk governance structures, however it is important for boards to continuously monitor the same and assess shortcomings for mitigation. As a best practice management must list enterprise-wide risks and map them to specific board committees for oversight. This practice can help boards to have focused approach towards individual risks and the same could be dealt more strategically.
- Since many companies outside the financial services industry do not have a separate board risk committee, risks not assigned to a specific committee are often delegated to the audit committee. While it may be appropriate for the audit committee to take responsibility for reviewing management’s policies to manage risk, boards should take care not to overburden the audit committee with risk oversight responsibilities.
- Here are certain specific roles that board can play to assure proper implementation and monitoring of the risk management systems in the Company. The boards shall:
- Design a proper management plan to mitigate potential risks;
- Define roles and responsibilities of risk management committee and seek its regular updates
- Ensure appropriate systems for risk management are in place;
- Consider and implement opinions of independent directors on board to ensure that the systems put in place are robust and effective;
- Ensure that appropriate accountability framework is built where every delegation is documented and timely monitored;
- Ensure that risk management is not functioning in isolation. Rather the same is well integrated with the overall business strategies of the Company;
- Put in place proper policy to promote a proactive approach in reporting, evaluating and resolving risks associated with the business;
- Review the policy from time to time and ensure its communication to all the stakeholders in the Company;
- Develop proper guidelines with the deliberations of the Committee for identifying potential risks;
- With the help of the committee, ensure that the aforementioned guidelines and plans are communicated to the stakeholders;
- Ensure all controls, check and balances that are required to monitor effective implementation of robust risk management systems.
Disclosure in Board’s Report
Board of Directors shall include a statement indicating development and implementation of a risk management policy for the Company including identification therein of elements of risks, if any, which in the opinion of the Board may threaten the existence of the Company.
Approaching Risk Management Planning
A newly formed risk management committee will have many tasks ahead of them in the beginning. Their first task is to clarify the company's risk tolerance and risk profiles. The primary question they need to answer is, 'What will help the company grow the most?'
Upfront planning lessens the possibility that the board will need to be reactive toward viable threats. Clear risk management reduces the negative impact on employees, processes, technology and the general environment.
Timing can be critically important for risk management committees. Cues and triggers will assist them in knowing when they need to act. Overall, risk management committees need to communicate with information that is clear, concise and has the end goal in mind.
How Can MMB help you adapt mindset shifts if your Company sees stagnated growth?
MMB is on a mission to set up effective and efficient Boards in India with great Board members. With an expert team of mentors and capability to handhold Boards and leadership, MMB shall help companies to set up robust risk management program and help in selection as well as appointment of appropriate Risk Management Committee.
For more details connect with us on firstname.lastname@example.org.